2026-09-01

General information

NaikNowPro operates practical training services focused on professional upskilling. We collect and process personal data to provide training modules, evaluate scenario-based assignments, administer enrollments, and support collaboration with employers. This policy describes what data we handle, how we use it in realistic training scenarios, and the choices available to learners and partner organisations. Contact details, business registration, and policy effective date are provided below to help learners and partners verify our identity and review our practices.

NaikNowPro, Business ID 003566189613, Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia. Contact: +60120605677 Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia [email protected]
1

Definitions

This section explains terms used throughout the policy with practical examples tied to training, assessment, and employer collaboration scenarios.

Personal data means information that relates to an identifiable individual. Examples in our context: learner name, email, resume files uploaded for role-play exercises, recorded video submissions of scenario responses, and feedback submitted by mentors.
Processing covers any operation on personal data, including collection, storage, use, analysis, sharing with instructors, and deletion. For example, when a learner uploads a capstone assignment, we store the file, run assessment workflows, and present results to the learner and assigned mentor.
User refers to any learner, instructor, employer representative, or site visitor interacting with NaikNowPro services in Malaysia. In case studies, 'user' may be a participant role such as 'project lead candidate' or 'team communication role-player'.
Service refers to NaikNowPro training platform, including course materials, scenario simulations, assessment tools, live workshops, and related communications used to support professional development.
Cookies are small data files stored on your device used to enable platform functionality, retain preferences, and support analytics for improving scenario-based trainings. We explain categories and how you can manage them below.
2

What data we collect

We collect data directly from users, automatically through platform interactions, and occasionally from third-party partners (employers or integrated service providers). Examples and scenarios illustrate each category so learners understand the practical reasons data is required for training and assessment.

Data you provide directly

When you register, enroll, submit assignments, or communicate with mentors, you provide data that enables course delivery and assessment. Practical cases below show typical items collected.

  • Registration details: name, email, organisation (optional), role preference used to match scenario exercises.
  • Profile and CV: resume, skill tags, collection links used to place learners into role-play case cohorts and to tailor capstones.
  • Assessment submissions: written assignments, recorded presentations, and simulation artifacts used for grading and feedback loops.
  • Communications: messages to trainers, mentoring notes, and feedback forms used to monitor progress in real scenarios.
  • Payment details: transactional data required for paid plans; business processing is handled by our payment processor and minimal billing data is retained for reconciliation.
  • Consent and preferences: marketing preferences, communication consents, and language selection used to personalise the training experience.

Automatically collected data

Some data is generated by platform usage and system logs to support functionality and improve learning pathways. Examples show how automatic data informs scenario assignments and platform reliability.

  • Usage logs: pages visited, module completion timestamps, and interaction patterns used to recommend next-case scenarios.
  • Technical data: device type, browser, IP address and session identifiers used to maintain security and troubleshoot issues.
  • Performance metrics: assessment timing, quiz attempt counts, and progression analytics used to refine practical exercises.
  • Cookies and similar technologies: identifiers that remember session state and preferences for smoother case-study playback.
  • Error reports and diagnostics data used to enhance platform stability during live simulation sessions.
  • Location data inferred from IP for regional relevance of workshops and employer panels, not precise geolocation unless explicitly provided.

Data from third parties

Where permitted and relevant to training scenarios, we may receive data from employer partners or integrated services to enrich learning contexts or verify enrolment details.

  • Employer referrals: limited contact and role information to onboard cohort participants for employer-led case challenges.
  • Identity verification providers: confirmation results used to validate instructor or employer representative identities for live sessions.
  • Payment processors: transaction confirmations and minimal billing references for paid plans and reimbursements.
3

How we use data

We use collected data to operate the platform, deliver scenario-based training, evaluate participant performance, and collaborate with employers on realistic projects. Below are concrete purposes and associated examples.

  • Provide the service: enable access to modules, deliver video sessions, and store assignment submissions for review.
  • Assessment and feedback: grade scenario assignments, compile mentor notes, and generate development summaries used in follow-up coaching.
  • Personalisation: adapt scenario difficulty and suggest role-specific case studies based on observed progress and declared skills.
  • Communication: send course notifications, workshop invites, and administrative messages related to training schedules.
  • Security and fraud prevention: detect misuse, protect accounts, and ensure integrity during live employer simulations.
  • Compliance and legal obligations: retain records for contractual and regulatory needs related to training delivery.
  • Research and improvement: anonymised analytics to improve scenario design and pedagogical approaches; aggregated results used to refine future cases.
  • Partner collaboration: share limited progress summaries with employer partners when a learner consents to employer review in a recruitment scenario.
4

Legal bases for processing

When processing personal data we rely on appropriate legal bases such as contract performance, consent, legitimate interests, or compliance with legal obligations. Practical examples follow to clarify which basis applies in common training situations.

  • Contract: processing necessary to deliver the training service you signed up for (e.g., hosting assignments and assessments).
  • Consent: optional uses like sharing progress with potential employers or marketing communications; you can withdraw consent at any time.
  • Legitimate interests: limited analytics and platform improvement activities balanced against user privacy, performed with safeguards and minimisation.
  • Legal obligation: retention and disclosure when required by law or official requests relevant to training contracts or tax records.
5

Data protection and applicable rights

Although NaikNowPro operates in Malaysia, we recognise international data protection standards. This section summarises rights commonly associated with data protection frameworks and how to exercise them in practice-oriented contexts such as training records and employer interactions.

  • Access: request a copy of personal data we hold about you, such as submitted assignments and assessment summaries.
  • Rectification: correct inaccurate personal information used in your learner profile or assessment records.
  • Erasure: request deletion of personal data where retention is no longer necessary, subject to legal and contractual retention needs.
  • Restriction: request limited processing for specific records while a dispute over accuracy or use is resolved.
  • Portability: where feasible, receive a machine-readable copy of data you provided for transfer to another provider.
  • Objection: object to processing based on legitimate interests, for example if you disagree with how anonymised analytics are used in course design.
6

Cookies and similar technologies

Cookies are used to support platform functionality, remember preferences, and collect analytics related to scenario engagement. We explain types, categories, and how to manage choices below.

Types include session cookies for active logins, persistent cookies for language preferences, and third-party cookies used by analytics providers when tracking aggregate usage trends across case studies.

Categories: essential (required for basic platform operation), performance (usage analytics to improve modules), functionality (preferences), and marketing (only with consent for outreach about relevant workshops).

You can manage cookie settings through your browser and in-platform preference controls. Disabling non-essential cookies may affect some personalised features such as saved progress and tailored scenario recommendations.

View our detailed cookie policy

7

Data sharing and disclosures

We only share personal data with third parties when necessary for service delivery, legal reasons, or with your explicit consent. Practical examples of typical sharing partners are listed below.

  • Service providers: cloud hosting, learning management systems, and analytics providers that process data under contract to support platform functionality.
  • Payment processors: third-party payment services that handle transactions for paid plans; minimal billing references returned to us for reconciliation.
  • Employer partners: with your explicit consent, we may share assessment summaries and relevant materials when you opt into employer review or recruitment scenarios.
  • Legal and regulatory authorities: where we are required to respond to lawful requests or comply with local obligations.
  • Professional advisors: auditors or legal advisors who require access to limited data to provide services to NaikNowPro under confidentiality terms.
  • Aggregated or anonymised data: we may share non-identifiable aggregate metrics from training outcomes to inform curriculum improvements or public reports.
8

International data transfers

NaikNowPro may transfer data to suppliers or partners located outside Malaysia when it is necessary to deliver services (for example, cloud hosting or global analytics). Transfers are minimised and documented.

When transfers occur we implement appropriate safeguards such as contractual data protection clauses, careful vendor selection, data minimisation, and technical controls like encryption to reduce exposure. We also assess transfer risks on a case-by-case basis before sharing learner data with overseas partners.

9

Data retention

We retain personal data only as long as necessary to provide services, meet contractual obligations, and comply with legal requirements. Retention periods consider the needs of training records, employer collaboration cases, and audit purposes.

Account information and core training records are retained for the duration of active enrolment and for a reasonable period after course completion to support alumni access, certification verification, and employer reference requests unless you request earlier deletion.

Communications, support tickets, and mentor feedback are retained for a period consistent with administrative needs and quality assurance of training programs, typically for up to 3 years unless otherwise required by law or contractual arrangements.

We retain system logs and interaction records for operational analysis and fraud prevention. Typical retention for technical logs is 18 months, with access restricted to authorized personnel. Retention periods are based on regulatory requirements and business needs; anonymized aggregate data may be kept longer for trend analysis and course development case studies.

Participants may request deletion of their personal data. Upon verified request we remove personal identifiers from active systems within a reasonable timeframe and remove the record from learner directories. Certain logs required for compliance or internal auditing may be retained in anonymized form so they cannot be linked to an identifiable person.

10

Data protection and security

NaikNowPro applies a layered security approach to safeguard learner data. Security protocols include access controls, encrypted storage of sensitive information, and regular audits. We use scenario-based risk assessments that simulate common threats to training platforms to refine our controls and operational response procedures.

  • Encryption of data at rest and in transit using current industry protocols to protect account credentials and personal information.
  • Role-based access control and audit logs to restrict and monitor employee access to learner records; periodic review of accounts and privileges.
  • Regular security testing, patch management, and incident response exercises that mirror real training scenarios to reduce downtime and data exposure.
11

Your rights

As a learner or visitor you have specific rights regarding your personal data. Below are actions you can request and the steps NaikNowPro takes to address them, illustrated with practical examples and case scenarios where applicable.

  • Access: Request a copy of the personal data we hold about you, including enrollment records and assessment scores. Example: a learner requests their five most recent course completions to provide to an employer.
  • Rectification: Ask us to correct inaccurate or incomplete data. Case scenario: a user notices a misspelled name on a certificate and submits a correction request through the dashboard.
  • Erasure: Request deletion of personal data when retention is no longer necessary. We assess each request against contractual and legal retention obligations and provide a clear outcome.
  • Restriction of processing: Request suspension of processing in specific situations, for example when a data accuracy dispute is open while we contribute.
  • Data portability: Where applicable, receive personal data in a structured, commonly used, machine-readable format to transfer to another service provider.
  • Object to processing: Object to certain processing activities such as direct marketing; we present clear opt-out mechanisms and respect user preferences.
  • Withdraw consent: Withdraw consent for processing activities previously agreed to, with information on the consequences and alternatives.
  • Lodge a complaint: If you believe your data rights have been infringed, you may lodge a complaint with the relevant supervisory authority; we will cooperate with official inquiries.
12

How to make a rights request

To exercise any of the above rights, contact our privacy team with a clear description of your request and proof of identity. Requests can be submitted via the contact details below. We may ask for additional information to verify identity and scope of the request; examples of acceptable verification include a copy of a government-issued ID and the email address used for the account.

[email protected]

We aim to respond to verified requests within 30 calendar days. In complex cases where we need more time, we will inform you of the reasons and provide an estimated response timeline. Where local law mandates different timelines, we will comply with applicable legal limits.

Marketing communications

NaikNowPro uses marketing communications to share course updates, case studies, and invitations to workshops. Marketing is based on consent or legitimate interest where permitted. Communications include practical examples such as new cohort start dates, post-course employer engagement events, and alumni success stories used to illustrate program outcomes without promising specific results.

You can unsubscribe from marketing emails using the unsubscribe link in any message or by changing your communication preferences in your account settings. Upon unsubscribe we will stop applicable marketing communications promptly, while transactional communications related to your enrollments will continue unless you request otherwise.

Children and minors

NaikNowPro services are designed for adult learners and professionals. We do not intentionally collect personal data from children under the age of 18. If we become aware that we have collected personal information from a minor without appropriate consent, we will take steps to delete that information in accordance with our data removal processes.

Third-party links

Our platform may include links to third-party sites or tools used for assessments, payment processing, or supplemental learning resources. These external services have their own privacy policies; we encourage users to review those policies. We regularly vet partners and illustrate integration scenarios in our vendor case logs to ensure alignment with our data protection expectations.

Changes to this policy

We may update our privacy policy to reflect changes in services, legal requirements, or security practices. Material changes will be posted on NaikNowPro.pro and, when appropriate, notified to registered users by email. Each change will include the effective date to help users track updates in a practical timeline format.

13

Contact and exercise of rights

Privacy inquiries and requests can be sent to: NaikNowPro, Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia. For immediate assistance call +60120605677 or email [email protected]. Business ID: 003566189613. Policy last updated: 10-03-2026.

+60120605677
Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia